#88 HIGH: SQL injection prevention via sql.Identifier for dynamic tables

closed high Created 2025-11-26 20:51 · Updated 2025-11-26 20:51

Description

Edit
timeout_service.py:174,311 dead_letter_service.py:189,204 heartbeat_service.py:182 - All services use psycopg sql.Identifier() for dynamic table names (r_{queue_name}, t_{queue_name}). Prevents SQL injection.

Comments

Loading comments...

Context

Loading context...

Audit History

View All
Loading audit history...
Quick Actions
Edit
Status
Priority
Danger Zone